curl vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the curl package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
L Loop with Unreachable Exit Condition ('Infinite Loop')	<8.14.1-r0
L Improper Certificate Validation	<8.14.0-r0
L Improper Certificate Validation	<8.14.0-r0
L CVE-2025-9086	<8.14.1-r2
L CVE-2025-10148	<8.14.1-r2
L CVE-2025-0167	<8.12.0-r0
L CVE-2025-0665	<8.12.0-r0
L Buffer Overflow	<8.12.0-r0
L CVE-2024-11053	<8.11.1-r0
H CVE-2024-6197	<8.9.0-r0
L Improper Certificate Validation	<8.7.1-r0
L Missing Release of Resource after Effective Lifetime	<8.7.1-r0
M Out-of-bounds Read	<8.9.0-r0
M Out-of-bounds Read	<8.9.1-r0
H Allocation of Resources Without Limits or Throttling	<8.3.0-r0
M Insufficient Comparison	<8.11.0-r0
C Out-of-bounds Write	<8.4.0-r0
M CVE-2023-46218	<8.5.0-r0
L CVE-2024-2466	<8.7.1-r0
L CVE-2023-38546	<8.4.0-r0
L CVE-2024-2004	<8.7.1-r0
L CVE-2023-28322	<8.1.0-r0
M Race Condition	<8.1.0-r0
M Improper Authentication	<8.0.0-r0
M Improper Certificate Validation	<8.6.0-r0
H Arbitrary Code Injection	<8.0.0-r0
M Missing Encryption of Sensitive Data	<8.5.0-r0
M Cleartext Transmission of Sensitive Information	<7.88.0-r0
H Directory Traversal	<8.0.0-r0
M Improper Authentication	<8.0.0-r0
M Improper Certificate Validation	<8.1.0-r0
L CVE-2024-8096	<8.10.0-r0
H Use After Free	<8.1.0-r0
M Double Free	<8.0.0-r0
H Cleartext Transmission of Sensitive Information	<7.87.0-r0
C Double Free	<7.79.0-r0
H Server-Side Request Forgery (SSRF)	<7.83.1-r0
H Improper Certificate Validation	<7.83.1-r0
M Out-of-bounds Write	<7.86.0-r0
M Allocation of Resources Without Limits or Throttling	<7.88.0-r0
C Cleartext Transmission of Sensitive Information	<7.88.0-r0
M Insufficient Verification of Data Authenticity	<7.79.0-r0
C Exposure of Resource to Wrong Sphere	<7.86.0-r0
L CVE-2022-35252	<7.85.0-r0
H Double Free	<7.86.0-r0
M Cleartext Transmission of Sensitive Information	<7.83.1-r0
M Insufficiently Protected Credentials	<7.83.0-r0
M Improper Authentication	<8.0.0-r0
H Loop with Unreachable Exit Condition ('Infinite Loop')	<7.83.1-r0
H Cleartext Transmission of Sensitive Information	<7.86.0-r0
M Insufficiently Protected Credentials	<7.83.0-r0
M Use After Free	<7.87.0-r0
M CVE-2022-27779	<7.83.1-r0
H Use of Incorrectly-Resolved Name or Reference	<7.83.1-r0
M Allocation of Resources Without Limits or Throttling	<7.84.0-r0
M Improper Validation of Integrity Check Value	<7.78.0-r0
M Out-of-bounds Write	<7.84.0-r0
M Allocation of Resources Without Limits or Throttling	<7.84.0-r0
C Incorrect Default Permissions	<7.84.0-r0
H Missing Authentication for Critical Function	<7.83.0-r0
L Use of Incorrectly-Resolved Name or Reference	<7.78.0-r0
L CVE-2020-8284	<7.74.0-r0
H CVE-2022-27775	<7.83.0-r0
H Use After Free	<7.72.0-r0
M Information Exposure	<7.76.0-r0
M Use of Uninitialized Resource	<7.78.0-r0
H Use After Free	<7.77.0-r0
H Out-of-bounds Write	<7.65.0-r0
L Missing Initialization of Resource	<7.77.0-r0
M Insufficiently Protected Credentials	<7.78.0-r0
L Authentication Bypass	<7.76.0-r0
H Cleartext Transmission of Sensitive Information	<7.79.0-r0
H Out-of-bounds Read	<7.64.0-r0
C Out-of-bounds Read	<7.62.0-r0
H Out-of-bounds Write	<7.74.0-r0
C Out-of-bounds Write	<7.60.0-r0
C Double Free	<7.66.0-r0
C Out-of-bounds Read	<7.60.0-r0
M Improper Certificate Validation	<7.53.0-r0
C Buffer Overflow	<7.66.0-r0
H Improper Certificate Validation	<7.74.0-r0
H Improper Initialization	<7.52.1-r0
C Out-of-bounds Read	<7.59.0-r0
C Out-of-bounds Write	<7.59.0-r0
H Arbitrary Code Injection	<7.71.0-r0
L Integer Overflow or Wraparound	<7.65.0-r0
H NULL Pointer Dereference	<7.59.0-r0
H Information Exposure	<7.71.0-r0
M Out-of-Bounds	<7.55.0-r0
M Information Exposure	<7.55.0-r0
C Out-of-bounds Read	<7.57.0-r0
C Use After Free	<7.62.0-r0
C Integer Overflow or Wraparound	<7.61.1-r0
H Out-of-bounds Read	<7.51.0-r0
C Out-of-bounds Write	<7.51.0-r0
C Out-of-Bounds	<7.62.0-r0
H Out-of-bounds Read	<7.64.0-r0
H Improper Certificate Validation	<7.54.0-r0
L Out-of-Bounds	<7.53.1-r2
C Out-of-bounds Write	<7.64.0-r0
C Out-of-bounds Write	<7.61.0-r0
C Double Free	<7.51.0-r0
M Information Exposure	<7.55.0-r0
C Integer Overflow or Wraparound	<7.57.0-r0
C Out-of-Bounds	<7.57.0-r0
C Out-of-Bounds	<7.56.1-r0
M Cryptographic Issues	<7.36.0-r0
H Resource Injection	<7.51.0-r0
C Double Free	<7.51.0-r0
H Use After Free	<7.51.0-r0
H Out-of-bounds Write	<7.51.0-r0
M Credentials Management	<7.51.0-r0
H Cryptographic Issues	<7.50.1-r0
H Improper Input Validation	<7.51.0-r0
C Out-of-bounds Read	<7.51.0-r0
H Improper Authorization	<7.50.1-r0
C Integer Overflow or Wraparound	<7.50.3-r0
H Improper Input Validation	<7.51.0-r0
H Improper Authentication	<7.50.2-r0
M Improper Authentication	<7.36.0-r0
H Use After Free	<7.50.1-r0

Vulnerability

Vulnerable Version

Loop with Unreachable Exit Condition ('Infinite Loop')

<8.14.1-r0